package com.lsj.config;

import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;

public class MyDaoAuthenticationProvider extends DaoAuthenticationProvider {

    @Override
    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
        //重写DaoAuthenticationProvider，在这里使用自定义的MyWebAuthenticationDetails，判断验证码是否通过
        MyWebAuthenticationDetails myWebAuthenticationDetails = (MyWebAuthenticationDetails) authentication.getDetails();
        boolean passed = myWebAuthenticationDetails.isPassed();
        if(!passed){
            throw new AuthenticationServiceException("验证码错误");
        }
        super.additionalAuthenticationChecks(userDetails,authentication);
    }

}
